Microsoft is taking the unusual step of issuing an emergency fix for a security hole in its Internet Explorer software that has exposed millions of users to having their computers taken over by hackers.

The "zero-day" vulnerability, which came to light last week, allows criminals to take over victims' machines simply by steering them to infected Web sites; users don't have to download anything for their computers to get infected, which makes the flaw in Internet Explorer's programming code so dangerous.

Microsoft said it plans to ship a security update, rated "critical," for the browser on Wednesday. People with the Windows Update feature activated on their computers will get the patch automatically.